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Listing of Claims 

1 . (Cxirrently Amended) A network processing system for enforcing network policies on a 
network, the network consisting of multiple data packets, the data packets forming a plurality of 
flows, the network processing system comprising: 

a network interface operable to receive data packets from the network and further operable to 
send processed data packets back onto the network; and 

a processing engine in communication with the network interface, the processing engine 
operable to associate each data packet with an identifier, wherein the identifier is associated with the 
flow of which the data packet is part, the processing engine further operable to compare each flow to 
a database stored in the processing engine, the database storing information on a set of 
programmable network policies programmed at a separate server and downloaded into the network 
processinR system in the form of an mage file , the set of programmable network policies determining 
a treatment for each flow, such that the processing engine is able to modify and direct the data 
packets according to the treatment indicated. 

2. (Previously Presented) The network processing system of Claim 1 further comprising a 
second processing engine, wherein each processing engine is unidirectional in the opposite direction 
thereby creating a bi-directional network processing system. 

3 . (Previously Presented) The network processing system of Claim 1 wherein the processing 
engine maintains a state for one or more flows, the state associated with each flow using the 
identifier. 

4. (Previously Presented) The network processing system of Claim 3 wherein the state 
existing for the particular flow at the time a new packet belonging to the particular flow is examined 
is used in conjunction with the database to determine the treatment. 
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5. (Previously Presented) The network processing system of Claim 1 wherein the processing 
engine is able to examine the entire contents of each packet. 

6. (Cancelled) 

7. (Previously Presented) The network processing system of Claim 1 wherein the set of 
programmable network policies are stored as signatures in a signature memory. 

8. (Previously Presented) The network processing system of Claim 1 wherein the processing 
engine includes a header preprocessor for examining header information in the packet, a content 
processor for comparing the packet to the database and determining a treatment, and a quality of 
service processor for modifying the packet and directing the packet according to the treatment. 

9. (Previously Presented) The network processing system of Claim 8 wherein each 
processing engine further includes a microprocessor for supplemental operations. 

1 0. (Currently Amended) A network processing system for enforcing network policies on a 
network, the network consisting of a plurality of data packets, the plurality of data packets forming a 
plurality of flows, the network processing system comprising: 

at least one left line interface operable to receive data packets from the network and to send 
processed data packets onto the network; 

at least one right line interface operable to receive data packets from the network and to send 
processed data packets onto the network; 

a right processing engine receiving data packets from the left interface, and sending processed 
data packets to the right line interface; and 

a left processing engine receiving data packets from the right interface, and sending processed 
data packets to the left line interface; 

each of the right and left processing engines further comprising: 
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a traffic flow processor processing the data packets to associate each data packet with 
a particular flow, to maintain state for a subset of flows, and to compare each flow to a database of 
network poUcies progranmied using a management interface on a separate server and downloaded 
into the network processing system in the form of an image file , the data base of network poUcies 
indicating a treatment for the data packets of each flow; 

a quality of service processor communicating with the traffic flow processor and receiving 
the treatment fi-om the traffic flow processor instructing the quality of service processor how to 
modify the contents of the data packet and which quality of service to give the data packet. 

1 1 . (Previously Presented) The network processing system of Claim 1 0 further comprising a 
management module connected with the left and the right processing engines through a bus interface, 
the management module including a microprocessor able to communicate with the left and the right 
processing engines. 

12. (Previously Presented) The network processing system of Claim 10 wherein the left and 
the right processing engines exchange information conceming flows. 

13. (Previously Presented) The network processing system of Claim 10 wherein the traffic 
flow processor is comprised of a header preprocessor and a content processor, the header 
preprocessor operable to examine header information for each packet, and the content processor 
operable to compare the packet with the database of network policies. 

14. (Previously Presented) The network processing system of Claim 10 wherein the database 
of network policies is a memory image of signatures, the signatures forming the network policies. 

15. (Previously Presented) The network processing system of Claim 10 wherein the state 
existing for the particular flow at the time a new packet belonging to the particular flow is examined 
is used in conjunction with the database to determine the treatment. 
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16. (Cancelled) 

17. (Previously Presented) The network processing system of Claim 16 wherein the 
management interface also acts to retrieve statistical and event information from the network 
processing system. 

18. (Previously Presented) The network processing system of Claim 10 wherein the left and 
right processing engines further comprise a microprocessor for supplemental processing operations. 

19. (Previously Presented) A network processing system and management interface for 
enforcing network policies on a network, the network consisting of a plurality of data packets 
forming a plurality of flows, the network processing system comprising: 

at least one network processing system operable to process network traffic, each network 
processing system further comprising: 

a network interface operable to receive data packets from the network and further 
operable to send processed data packets back onto the network; and 

a processing engine in communication with the network interface, the processing 
engine operable to associate each data packet with an identifier, wherein the identifier is 
associated with the flow to which the data packet belongs, the processing engine further 
operable to compare each flow to a database stored in the processing engine, the database 
storing information on a set of programmable network policies, the set of programmable 
network policies determining a treatment for each flow, such that the processing engine is 
able to modify and direct the data packets according to the treatment indicated; and 

a management interface to control each network processing system programmed on a 
separate server in communication with each network processing system, the management 
interface including a programming interface to allow a user to program each network 
processing system, an image builder to convert the program into an image that can be loaded 
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into the appropriate network processing system, and an interface program operable to 
communicate with and to send the image file to the appropriate network processing system. 

20. (Previously Presented) The network processing system and management interface of 
Claim 19 wherein the management interface is further operable to retrieve statistical and event 
information from each of the network processing systems. 

21. (Previously Presented) The network processing system and management interface of 
Claim 19 wherein the image includes source files used to create the image. 

22. (Previously Presented) The network processing system and management interface of 
Claim 19 wherein the network processing system fixrther includes a management module in 
communication with the processing engine and the management interface. 

23. (Previously Presented) The network processing system and management interface of 
Claim 19 wherein the network processing system further comprises a second processing engine, 
wherein each processing engine is unidirectional in the opposite direction thereby creating a bi- 
directional network processing system. 
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